//
// Copyright (c) 2004-2005 BroadVision, Inc. All rights reserved.
//
// This software is copyrighted.  Under the copyright laws, this software
// may not be copied, in whole or in part, without prior written consent
// of BroadVision, Inc. or its assignees.  This software is provided under
// the terms of a license between BroadVision and the recipient, and its
// use is subject to the terms of that license.
//
// This software may be protected by one or more U.S. and International
// patents.  Certain applications of BroadVision One-To-One software are
// covered by U.S. patent 5,710,887.
//
// TRADEMARKS: BroadVision and BroadVision One-To-One are registered
// trademarks of BroadVision, Inc., in the United States and the European
// Community, and are trademarks of BroadVision, Inc., in other
// countries.  The BroadVision logo, is a trademark of BroadVision, Inc.,
// in the United States and other countries. Additionally, IONA and Orbix
// are trademarks of IONA Technologies, Ltd.  RSA, MD5, and RC2 are
// trademarks of RSA Data Security, Inc.
//

package com.broadvision.manage.common.tools.action;

import java.util.List;
import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;
import com.broadvision.system.accesscontrol.client.AccessManager;
import com.broadvision.system.accesscontrol.client.ACObjectID;
import com.broadvision.system.accesscontrol.exceptions.AccessControlException;
import com.broadvision.visitor.client.Visitor;
import com.broadvision.web.servlet.SessionVisitor;
import com.broadvision.web.WebLog;
import com.broadvision.manage.common.tools.action.user.UserUtils;

/**
 *
 */
public class RoleResolver implements com.broadvision.web.action.RoleResolver {

  private static String CHANNEL_ADMIN_ROLE = "ChannelAdmin";

  private static String ORGANIZATION_ADMIN_ROLE = "OrganizationAdmin";

  /**
   *
   */
  public String [] getRoles() {
    String [] roles = new String[3];
    roles[0] = "ProcessManager";
    roles[1] = "ChannelAdmin";
    roles[2] = "OrganizationAdmin";
    return roles;
  }

  /**
   *
   */
  public boolean isUserInRole(Visitor visitor,
                              String role,
                              HttpServletRequest request) 
                       throws Exception {
    SessionVisitor sessionVisitor = SessionVisitor.getInstance(request.getSession());
    int serviceId = sessionVisitor.getServiceId();
    
    if (role.equals("ProcessManager")) {
      return UserUtils.isProcessManager(visitor, serviceId);
    }
    else if (role.equals("ChannelAdmin")) {
      return isChannelAdmin(visitor, serviceId);
    }
    else if (role.equals("OrganizationAdmin")) {
      return isOrganizationAdmin(visitor);
    }

    return false;
  }

  /**
   *
   * <p> <p>
   * @param visitor <code>Visitor</code>
   * @param serviceId
   */
  protected boolean isChannelAdmin(Visitor visitor,
                                   int serviceId)
                            throws Exception {
    boolean isChannelAdmin = false;

    AccessManager accessMgr = AccessManager.instance();
    List objs = accessMgr.getOwnerObjectsForPrincipal(visitor, CHANNEL_ADMIN_ROLE) ;
    for (int index = 0; index < objs.size(); index++) {
      ACObjectID acObjectId = (ACObjectID) objs.get(index);
      String objId = acObjectId.getObjectID();

      // <service_id>:<cntTypeId>:<channel_oid>:<refType>
      // cntTypeId = 6 (default category type)
      // refType = KM_PROGRAM
      StringTokenizer st = new StringTokenizer(objId, ":");
      int objServiceId = -1;
      long channelId = 0;
      String token;

      if (st.hasMoreTokens()) objServiceId = Integer.parseInt(st.nextToken());
      if (st.hasMoreTokens()) token = st.nextToken();
      if (st.hasMoreTokens()) channelId = Long.parseLong(st.nextToken());
 
      if (serviceId == objServiceId) {
        isChannelAdmin = true;
        break;
      }
    }
    return isChannelAdmin;
  }

  /**
   *
   * <p> <p>
   * @param visitor <code>Visitor</code>
   */
  protected boolean isOrganizationAdmin(Visitor visitor)
                                 throws Exception {
    boolean isOrganizationAdmin = false;

    AccessManager accessMgr = AccessManager.instance();
    List objs = accessMgr.getOwnerObjectsForPrincipal(visitor, ORGANIZATION_ADMIN_ROLE);
    if (null != objs && objs.size() > 0) {
      isOrganizationAdmin = true;
    }
    return isOrganizationAdmin;
  }
}
